near / near-wallet

Web wallet for NEAR Protocol which stores keys in browser's localStorage
https://wallet.near.org
MIT License

NFT spam in Collectibles tab #1886

Open zavodil opened 3 years ago

zavodil commented 3 years ago

Problem

An NFT contract may send spam in the Collectibles tab and pretend to be an official source of information.


Expected Behavior

Steps to reproduce

  1. Update values in local storage to view wallet of infinitynft.near
  2. Click on Collectibles

stefanopepe commented 3 years ago

@corwinharrell I'm wondering if we want to add a switch "spam filter = true" to the wallet UI, and arbitrarily censor such initiatives - leaving the users to disable this filter if they want to see them anyway. It may rapidly become a cat-and-mouse game, where we need to continuously block new spam contracts and their NFTs, at that point we'll use some collective intelligence (e.g. a DAO) to decide.

As an alternative to the complete image removal, we may add a blurred layer and an alert to the NFT image, asking the user to click on the blurred layer if they really want to see it.

starpause commented 3 years ago

Allowing users to burn NFT from their wallet may be enough.

I like the idea of a DAO for managing trusted contracts. A report spam button built into the wallet is better UX.

As for what to do with untrusted content, https://wax.atomichub.io/ has some precedent. Any contract/collection has a warning on it until proven trustworthy. I like the idea of blurring the preview and overlaying the warning. Prevention measure against pranksters spamming gore/nudity/etc.

ilyar commented 3 years ago

We are solving the problem we created.

Now the logic is this - the user sees the NFT:

1. if a transfer was made for the user (this is not always the user's initiative), and at the moment it does not work for the case when the user issues an NFT by paying for the deposit. (An example of this is the token https://pluminite.com/#/gem/token-1624492673598, which I received by minting, but it is not seen in my wallet)

More free and conscious logic - the user sees the NFT:

1. if he himself executed the chasing or the transfer was initiated by the user himself, it is difficult to have something to think about
2. if he added a contract he trusts

In general, these are unfinished thoughts, but the bottom line is that the determining factor should be the conscious actions of the user.
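The display rule discussed in this thread (show an NFT when the user signed the mint or transfer or has added the contract as trusted, otherwise blur it behind a warning unless the spam filter is switched off), as an added JavaScript example that is not near-wallet code and was not written by any commenter. The token and user fields (`signerId`, `trustedContracts`, `spamFilter`) and both function names are assumptions made for illustration.

```javascript
// Added illustration. Every field and function name below is hypothetical;
// none of this is near-wallet code or a NEAR API.
const SHOW = 'show';
const BLUR = 'blur_with_warning';

// Account IDs are compared case-insensitively after trimming.
const norm = (id) => String(id ?? '').trim().toLowerCase();

// token: { contractId, tokenId, signerId }  signerId = account that signed the
//        mint/transfer transaction that put the token in the user's account.
// user:  { accountId, trustedContracts: [...], spamFilter: boolean }
function classifyCollectible(token, user) {
  // The filter is on unless the user explicitly turned it off.
  if (user.spamFilter === false) return { verdict: SHOW, reason: 'filter_disabled' };

  const trusted = new Set((user.trustedContracts ?? []).map(norm));
  if (trusted.has(norm(token.contractId))) return { verdict: SHOW, reason: 'trusted_contract' };

  // Shown when the user signed the mint or transfer. A missing signer
  // is treated as unsolicited, so incomplete data fails closed.
  const signer = norm(token.signerId);
  if (signer !== '' && signer === norm(user.accountId)) {
    return { verdict: SHOW, reason: 'user_initiated' };
  }
  return { verdict: BLUR, reason: 'unsolicited' };
}

// Split a Collectibles list into what renders normally and what gets the overlay.
function partitionCollectibles(tokens, user) {
  const out = { [SHOW]: [], [BLUR]: [] };
  for (const t of tokens) {
    const { verdict, reason } = classifyCollectible(t, user);
    out[verdict].push({ ...t, reason });
  }
  return out;
}

// Constructed sample data (not real accounts or contracts).
const sampleUser = { accountId: 'alice.example.near', trustedContracts: ['Gallery.example.near'], spamFilter: true };
const sampleTokens = [
  { contractId: 'gallery.example.near', tokenId: '1', signerId: 'bob.example.near' },
  { contractId: 'mint.example.near', tokenId: '7', signerId: 'alice.example.near' },
  { contractId: 'airdrop.example.near', tokenId: '99', signerId: 'airdrop.example.near' },
  { contractId: 'airdrop.example.near', tokenId: '100' },
];
const result = partitionCollectibles(sampleTokens, sampleUser);
console.log(result[SHOW].map((t) => t.tokenId), result[BLUR].map((t) => t.tokenId));
```

Because the verdict carries a `reason`, the UI can word the overlay differently for an unsolicited airdrop than for a token whose provenance is simply unknown.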